Lucene search
K

7 matches found

OSV
OSV
added 2025/07/18 2:48 p.m.5 views

OESA-2025-1835 thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and...

9.8CVSS9.4AI score0.32568EPSS
Exploits4References87
Snyk
Snyk
added 2025/01/17 4:29 p.m.2 views

Improper Restriction of Rendered UI Layers or Frames

Overview nbgrader is an A system for assigning and grading notebooks Affected versions of this package are vulnerable to Improper Restriction of Rendered UI Layers or Frames due to the improper configuration of the frame-ancestors directive. An attacker can extract sensitive content by crafting...

8.6CVSS7AI score0.00453EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/10/31 7:23 p.m.5 views

firefox: thunderbird: Confusing display of origin for external protocol handler prompt

The Mozilla Foundation's Security Advisory: The origin of an external protocol handler prompt could be obscured using a data: URL within an iframe...

5.4CVSS7.3AI score0.00291EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2018/10/05 2:0 p.m.9 views

CVE-2018-15423 Cisco HyperFlex UI Clickjacking Vulnerability

A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...

6.9AI score0.00922EPSS
Exploits0References1
OSV
OSV
added 2018/06/11 9:29 p.m.0 views

DEBIAN-CVE-2017-7791

On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox ...

5.3CVSS6.9AI score0.01837EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2016/10/13 11:56 a.m.22 views

Cisco Patches Critical Bug In Video Conferencing Server Hardware

On Wednesday Cisco Systems patched a critical vulnerability found in its Cisco Meeting Server hardware, a key component in its enterprise audio, web and video conferencing service. The flaw, according to a Cisco Security Advisory, could allow an unauthenticated remote attacker to masquerade as a...

7.1CVSS2.1AI score0.02514EPSS
Exploits0References6
Cisco
Cisco
added 2015/11/17 9:46 p.m.39 views

Cisco Firepower 9000 Series Switch Clickjacking Vulnerability

A vulnerability in the web interface of the Cisco Firepower 9000 Series Switch could allow an unauthenticated, remote attacker to affect the integrity of the device though a clickjacking or phishing attack. The vulnerability is due to the lack of proper input sanitization of iFrame data in the HT...

5CVSS6.6AI score0.00838EPSS
Exploits0References1
Rows per page
Query Builder